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Powering and Digitizing the Economy 


Building an Enterprise Container Management Platform 


Anthony Andrades — Head of Infrastructure Solutions Architecture, Steve Delaney — Lead Microservices Architect 
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semouges nueva LITE IS ON 
Our technologies ensure that 


everywhere, for everyone and at every moment. 
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How to make a business ‘digital’ 
"^" Agile micro-services and SOA Digital State 


* Agile cloud-based development = 
e A common, enterprise DevOps process c— Cloud DevOps 
Micro-Services Automation Shared Code 
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Governance & Compliance 





Supported by... 
* Maintain and evolve the eco-system 
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* Maintain the capabilities in scope 








Security & Risk Management 
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Developers: Let's run containers ourselves 


Developers 
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2 | 2 What are you running in l 
| 92 your containers? 


Global Security 


How are you ensuring we 


aren't running anything 


malicious? l 
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Everyone: No governance, one outcome 


We had many 
vulnerabilities 


Teams are using 
their own way 
managing their 


Kubernetes cluster 


How much 
resources does 
each of the k8s 
cluster is using 
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Someone was 
running bitcoin 
mining process 


Some of the 
containers are 
running as root 


Where are all the 
governance 
aspect of the 

management of 
our k8s clusters 
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Time to Market, Governance & Security 


quo e Centralized Management 


e SAML-based Access 
RANCHER . Asset Management 


e Orchestration layer for containers 
e Resiliency/High Availability 
e Automation 

Vendor agnostic 





kubernetes 
* Light-weight 


& * Fast 


Oocker e Immutable 
* Cheap 
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* Image Assurance 
aqua ^ Runtime Protection 
1’ «d * Central Container Firewalling 
* Everything is compliant 


ie undis 


financial institutions 





Life Is On 





Schneider 


Confidential Property of Schneider Electric 


An Architecture Overview 


Continuous MTM QE 


Integration 





K8s Cluster K8s Cluster 
(Non-Prod) (Prod) 






BYOSP -CI/CD 
Pipeline 





AquaSec ELK 
(Image Assurance & 
Runtime Policies) 


Registry 
(Logging) 


(Regional) 





Kubernetes Cluster Management 


(HA cluster/Regional) 
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Key Lessons Learnt 


* Keep your documentation alive 

* Provide democratic cost oversight 

e Manage and model your resources proactively 
* Train your customer base 

* Listen to your customers’ needs 
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Moving Forward 


e Transform our infrastructure further 


HARVESTER 
e Simply our architecture with SaaS 
* Optimize are reactivity with auto-scaling 


* Optimize our recovery times with Longhorn qe t 





* Move away from laaS with AWS EKS and Azure 


AKS RANCHER 


e Introduce K3s into light-weight, strategic use cases 
` IB 
i 2. Amazon EKS Um 


* Keep evolving 





IB 
b 
IB 





y K3S 
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